forked from mirrors/nixpkgs
b3ffc580ec
Fixes a security hole that could be exploited for a denial of service attack against a tor client, relay, hidden service, or authority [1]. [1]: https://trac.torproject.org/projects/tor/ticket/20384
51 lines
1.7 KiB
Nix
51 lines
1.7 KiB
Nix
{ stdenv, fetchurl, pkgconfig, libevent, openssl, zlib, torsocks
|
|
, libseccomp, systemd, libcap
|
|
}:
|
|
|
|
stdenv.mkDerivation rec {
|
|
name = "tor-0.2.8.9";
|
|
|
|
src = fetchurl {
|
|
url = "https://archive.torproject.org/tor-package-archive/${name}.tar.gz";
|
|
sha256 = "3f5c273bb887be4aff11f4d99b9e2e52d293b81ff4f6302b730161ff16dc5316";
|
|
};
|
|
|
|
nativeBuildInputs = [ pkgconfig ];
|
|
buildInputs = [ libevent openssl zlib ] ++
|
|
stdenv.lib.optionals stdenv.isLinux [ libseccomp systemd libcap ];
|
|
|
|
NIX_CFLAGS_LINK = stdenv.lib.optionalString stdenv.cc.isGNU "-lgcc_s";
|
|
|
|
postPatch = ''
|
|
substituteInPlace contrib/client-tools/torify \
|
|
--replace 'pathfind torsocks' true \
|
|
--replace 'exec torsocks' 'exec ${torsocks}/bin/torsocks'
|
|
'';
|
|
|
|
# Fails in a sandboxed environment; at some point we want to disable
|
|
# just the tests that require networking.
|
|
doCheck = false;
|
|
|
|
meta = with stdenv.lib; {
|
|
homepage = https://www.torproject.org/;
|
|
repositories.git = https://git.torproject.org/git/tor;
|
|
description = "Anonymizing overlay network";
|
|
|
|
longDescription = ''
|
|
Tor helps improve your privacy by bouncing your communications around a
|
|
network of relays run by volunteers all around the world: it makes it
|
|
harder for somebody watching your Internet connection to learn what sites
|
|
you visit, and makes it harder for the sites you visit to track you. Tor
|
|
works with many of your existing applications, including web browsers,
|
|
instant messaging clients, remote login, and other applications based on
|
|
the TCP protocol.
|
|
'';
|
|
|
|
license = licenses.bsd3;
|
|
|
|
maintainers = with maintainers;
|
|
[ phreedom doublec thoughtpolice joachifm ];
|
|
platforms = platforms.unix;
|
|
};
|
|
}
|